Analysis and improvement of an authenticated key exchange protocol

Authors:
Jiaxin Pan;Libin Wang;Changshe Ma
Affiliations:
School of Computer, South China Normal University, Guangzhou, China and Shanghai Key Laboratory of Integrate Administration Technologies for Information Security, Shanghai, China;School of Computer, South China Normal University, Guangzhou, China and Shanghai Key Laboratory of Integrate Administration Technologies for Information Security, Shanghai, China;School of Computer, South China Normal University, Guangzhou, China
Venue:
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Year:
2011

Citing 10
Cited 0

Handbook of Applied Cryptography

Handbook of Applied Cryptography
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes

PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS

Designs, Codes and Cryptography
Comparing the Pre- and Post-specified Peer Models for Key Agreement

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Session-state Reveal Is Stronger Than Ephemeral Key Reveal: Attacking the NAXOS Authenticated Key Exchange Protocol

ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles

ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman Protocols

ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Stronger security of authenticated key exchange

ProvSec'07 Proceedings of the 1st international conference on Provable security
HMQV: a high-performance secure diffie-hellman protocol

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we analyze and improve an authenticated key exchange protocol named as UP which is proposed in a recent paper. We present a key compromise impersonation (KCI) attack and a secret replication (SR) attack against up. In order to formally capture these attacks, a variant of Canetti-Krawczyk model named as vCK model is proposed. Using this variant, we describe a successful KCI attack and a successful SR attack against up. To avoid the attacks, we provide an improved protocol named as UP+ by binding the shared secret to the session identifier. UP+ is provably secure under the hardness of the Gap Diffie-Hellman problem in the random oracle model. Our improved protocol combines the higher security level with comparable efficiency.